Cross-site scripting (XSS) vulnerability in McAfee Email Gateway (MEG) 7.6.x prior to 7.6.404, when File Filtering is enabled with the action set to ESERVICES:REPLACE, allows remote malicious users to inject arbitrary web script or HTML via an attachment in a blocked email.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcafee email gateway 7.6.4 |
||
mcafee email gateway 7.6.3 |
||
mcafee email gateway 7.6.2 |
||
mcafee email gateway 7.6.1 |
||
mcafee email gateway 7.6 |